stable

buildah-1.19.6-2.fc33, containernetworking-plugins-0.9.1-2.fc33, & 3 more

FEDORA-2021-fb466fb623 created by lsm5 3 years ago for Fedora 33

bump podman to v3.0.1, Security fix for CVE-2021-20206


Resolves: #1919391, #1926796 - Security fix for CVE-2021-20206


Autobuilt v1.19.3


Autobuilt v1.19.2


Autobuilt v1.19.1


Autobuilt v1.19.0


harden cgo based golang binaries


Autobuilt v0.9.1

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2021-fb466fb623

This update has been submitted for testing by lsm5.

3 years ago

This update's test gating status has been changed to 'failed'.

3 years ago

This update's test gating status has been changed to 'waiting'.

3 years ago

lsm5 edited this update.

New build(s):

  • containers-common-1-4.fc33
  • skopeo-1.2.1-1.fc33

Karma has been reset.

3 years ago

This update's test gating status has been changed to 'failed'.

3 years ago

lsm5 edited this update.

New build(s):

  • buildah-1.19.4-2.fc33

Karma has been reset.

3 years ago

This update has obsoleted buildah-1.19.4-1.fc33, and has inherited its bugs and notes.

3 years ago

lsm5 edited this update.

New build(s):

  • containernetworking-plugins-0.9.1-2.fc33

Karma has been reset.

3 years ago

This update has obsoleted containernetworking-plugins-0.9.1-1.fc33, and has inherited its bugs and notes.

3 years ago
User Icon baude commented & provided feedback 3 years ago
karma

verified to work and ran through the core-os testing CI.

This update has been pushed to testing.

3 years ago
User Icon cserpentis commented & provided feedback 3 years ago
karma

works for me

User Icon lbrabec commented & provided feedback 3 years ago
karma

podman works

This update has been submitted for stable by bodhi.

3 years ago

FEDORA-2021-fb466fb623 ejected from the push because 'Required tests did not pass on this update'

3 years ago
User Icon adelton commented & provided feedback 3 years ago
karma

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

3 years ago
User Icon t3rm1n4l commented & provided feedback 3 years ago
karma

wfm

lsm5 edited this update.

New build(s):

  • podman-3.0.1-1.fc33
  • buildah-1.19.6-1.fc33
  • skopeo-1.2.2-1.fc33

Removed build(s):

  • buildah-1.19.4-2.fc33
  • podman-3.0.0-1.fc33
  • skopeo-1.2.1-1.fc33

Karma has been reset.

3 years ago

This update has been submitted for testing by lsm5.

3 years ago

This update has been pushed to testing.

3 years ago

Not tested yet.

User Icon atim commented & provided feedback 3 years ago
karma

LGTM so far.

lsm5 edited this update.

New build(s):

  • buildah-1.19.6-2.fc33

Removed build(s):

  • buildah-1.19.6-1.fc33

Karma has been reset.

3 years ago

This update has been submitted for testing by lsm5.

3 years ago

lsm5 edited this update.

3 years ago

This update has been pushed to testing.

3 years ago

This update's test gating status has been changed to 'waiting'.

3 years ago

This update's test gating status has been changed to 'passed'.

3 years ago
User Icon baude commented & provided feedback 3 years ago
karma

verified to work and ran through the core-os testing CI.

lsm5 edited this update.

3 years ago
User Icon santiago commented & provided feedback 3 years ago
karma

LGTM. Tested podman, buildah, skopeo. There's one persistent buildah failure, in combination-namespaces, but that's a longstanding bug

This update can be pushed to stable now if the maintainer wishes

3 years ago

This update has been submitted for stable by lsm5.

3 years ago
User Icon mheon commented & provided feedback 3 years ago
karma

Works here

BZ#1919391 CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
BZ#1925399 CVE-2021-20206 containernetworking-plugins: containernetworking-cni: Arbitrary path injection via type field in CNI configuration [fedora-all]
BZ#1926796 CVE-2021-20206 buildah: containernetworking-cni: Arbitrary path injection via type field in CNI configuration [fedora-all]
BZ#1926801 CVE-2021-20206 podman: containernetworking-cni: Arbitrary path injection via type field in CNI configuration [fedora-all]

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#1919391 CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration
0
1
BZ#1925399 CVE-2021-20206 containernetworking-plugins: containernetworking-cni: Arbitrary path injection via type field in CNI configuration [fedora-all]
0
1
BZ#1926796 CVE-2021-20206 buildah: containernetworking-cni: Arbitrary path injection via type field in CNI configuration [fedora-all]
0
1
BZ#1926801 CVE-2021-20206 podman: containernetworking-cni: Arbitrary path injection via type field in CNI configuration [fedora-all]
0
1

Automated Test Results